asyncrat | d00d857b3d2b02c4ae31f5f31e22ab8e98d2c54b65dd68c994300985f20535b6 | Triage

Sharing

General

Target

d00d857b3d2b02c4ae31f5f31e22ab8e98d2c54b65dd6.exe
Size

10.4MB
Sample

250121-ztv4ja1lhk
MD5

1709ac76cf759864bda829f2db77fb9c
SHA1

763937dfaae0ee35b010ba987c1e02264a3a801c
SHA256

d00d857b3d2b02c4ae31f5f31e22ab8e98d2c54b65dd68c994300985f20535b6
SHA512

3064b5dd6147e872bcf409140a16ee7a35ea1b0663fb0fce88901b18474d02a1d24a333e798be09027fc35e29510563b458352d74d47550b6de567fcb123c134
SSDEEP

6144:SUm07J7ezm3f3C8QS4syOpj5PZOpRfXnhKhaQpYGO3Cfg+:O0cwPC8OsymVeR/h2a01E3

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

87.120.125.185:6606

Mutex

BI0OVzXXg6YF

Attributes

delay
3
install
false
install_file
rokas.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  d00d857b3d2b02c4ae31f5f31e22ab8e98d2c54b65dd6.exe
- Size
  
  10.4MB
- MD5
  
  1709ac76cf759864bda829f2db77fb9c
- SHA1
  
  763937dfaae0ee35b010ba987c1e02264a3a801c
- SHA256
  
  d00d857b3d2b02c4ae31f5f31e22ab8e98d2c54b65dd68c994300985f20535b6
- SHA512
  
  3064b5dd6147e872bcf409140a16ee7a35ea1b0663fb0fce88901b18474d02a1d24a333e798be09027fc35e29510563b458352d74d47550b6de567fcb123c134
- SSDEEP
  
  6144:SUm07J7ezm3f3C8QS4syOpj5PZOpRfXnhKhaQpYGO3Cfg+:O0cwPC8OsymVeR/h2a01E3
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratdefaultrat